## Copyright (c) 2011 The Chromium Authors. All rights reserved.
## Use of this source code is governed by a BSD-style license that can be
## found in the LICENSE file.
##
## Author: Markus Gutschke

###############################################################################

###
### Pick the SSL library that you would like to use
###

# AxTLS is a very light-weight TLS implementation with very liberal licensing
# conditions. If your target environment does not natively ship with SSL
# libraries, either statically or dynamicly linking with AxTLS might be a good
# option. The downside is that this library is not as widely used and
# therefore is likely to have had fewer security reviews, and might have more
# compatibility issues.
# AX_CFLAGS := -DUSE_AXTLS -I/usr/local/lib/axtls/include
# AX_LDFLAGS := /usr/local/lib/axtls/lib/libaxtls.a
# AX_LDFLAGS := -L /usr/local/lib/axtls/lib -Wl,-R,/usr/local/lib/axtls/lib   \
#               -laxtls

# GNU TLS is a well-established TLS implementation with a mainstream opensource
# license, although it probably has had fewer reviews than some of the other
# big crypto libraries. Depending on license preferences, it might be a
# suitable option for some users.
# GNUTLS_CFLAGS := -DUSE_GNUTLS
# GNUTLS_LDFLAGS := /usr/lib/libgnutls.a /lib/libgcrypt.a /lib/libgpg-error.a \
#                   /usr/lib/libtasn1.a /usr/lib/libz.a
# GNUTLS_LDFLAGS := -lgnutls -lgcrypt

# NSS is a well-established cryptography library that includes TLS support, and
# ships by default on some systems. It is governed by several licenses. You
# should consult the licensing information to determine whether it is a good
# fit for your application.
# NSS_CFLAGS := -DUSE_NSS -I/usr/include/nspr
# NSS_LDFLAGS := -lssl3

# OpenSSL is another well-established TLS implementation that is readily
# available on a lot of systems. Licensing terms are a little subtle and
# can make the use of OpenSSL unavailable to some users.
# OPENSSL_CFLAGS := -DUSE_OPENSSL
# OPENSSL_LDFLAGS :=/usr/lib/libssl.a /usr/lib/libcrypto.a /usr/lib/libz.a -ldl
# OPENSSL_LDFLAGS := -lssl -lcrypto

# PolarSSL is another light-weight TLS implementation with a dual-license that
# could make it attractive to some users. It is a good choice for systems that
# do not natively ship with SSL libraries.
# POLAR_CFLAGS := -DUSE_POLAR -I/usr/local/lib/polarssl/include
# POLAR_LDFLAGS := /usr/local/lib/polarssl/lib/libpolarssl.a
# POLAR_CFLAGS := -DUSE_POLAR
# POLAR_LDFLAGS := /usr/lib/libpolarssl.a
# POLAR_LDFLAGS := -lpolarssl

# We can also use a copy of PolarSSL that is installed in our source directory
POLAR_CFLAGS := -DUSE_POLAR -Ipolarssl/include
POLAR_LDFLAGS := polarssl/library/libpolarssl.a
EXTRA_BUILD += $(MAKE) -C polarssl;
EXTRA_CLEAN += $(MAKE) -C polarssl clean;

###############################################################################

###
### Configure diagnostics options
###

# By default, all unexpected error conditions (server failure, unexpected
# protocol errors, incorrect passwords, program bugs, ...) are reported with
# detailed information where the error was noticed. The application
# subsequently terminates. These diagnostics messages help developers diagnose
# the problem, but it slightly increases the size of the application.
# DIAGNOSTICS :=

# In order to save program space, detailed diagnostics can be disabled.
# Instead, the program terminates with a generic error message and attempts to
# write a core file. Developers can often retrieve additional diagnostics
# data from the core file.
# DIAGNOSTICS := -DNDEBUG -DCORE

# If diagnostics data is not needed, both detailed messages and core files can
# be disabled. In case of an error, the program just terminates.
# DIAGNOSTICS := -DNDEBUG

# In order to analyze protocol errors, it can be helpful to log all incoming
# and outgoing data. This option should only be enabled during development, and
# must be disabled for production binaries.
DIAGNOSTICS := $(DIAGNOSTICS) -DVERBOSE

# Additionally, all other debugging information can be stripped from the binary
# STRIP := all

###############################################################################


SSL_INCL := $(AX_CFLAGS) $(GNUTLS_CFLAGS) $(NSS_CFLAGS) $(OPENSSL_CFLAGS)     \
            $(POLAR_CFLAGS)
SSL_LIBS := $(AX_LDFLAGS) $(GNUTLS_LDFLAGS) $(NSS_LDFLAGS) $(OPENSSL_LDFLAGS) \
            $(POLAR_LDFLAGS)

DEF_CFLAGS := -MMD -D_GNU_SOURCE -std=gnu99 -Wall -Werror -Os -g              \
              -ffunction-sections -fdata-sections
DEF_LDFLAGS := -g -lm -lresolv -Wl,--gc-sections

ifeq ($(origin CC), default)
  CC := gcc
endif

all: pitsd

dist: all clean
	tar jhfc pits.tar.bz2 --group=root --owner=root --xform s,^,pits/,    \
		`find -L . -maxdepth 1 -type d -o -printf '%P\n'|sort`        \
		OpenWRT/Makefile

clean:
	$(EXTRA_CLEAN)
	$(RM) -f pitsd core* *.o *.d *.tar.bz2

pitsd: pits.o base64.o cfg.o check.o connection.o control_job_status.o        \
       email_print_job.o fetch_job.o hashmap.o http.o ijs.o ijs_backend.o     \
       ieee1284.o json.o list_printers.o multipart.o misc.o net.o oauth2.o    \
       output_print_job.o poll_printer_reg.o printer.o proxyloop.o            \
       register_printer.o ssl_axtls.o ssl_gnutls.o ssl_nss.o ssl_openssl.o    \
       ssl_polar.o stringprintf.o utf8.o xml.o xmpp.o
	$(EXTRA_BUILD)
	$(CC) $(DEF_LDFLAGS) $(LDFLAGS) -o $@ $+ $(SSL_LIBS)
	@[ -n "$(STRIP)" ] && { echo strip $@ && strip $@; } || :

-include *.d

.c.o:
	$(CC) $(DEF_CFLAGS) $(DIAGNOSTICS) $(SSL_INCL) $(CFLAGS) -c -o $@ $<

